Lucene search

3039 matches found

CNNVD
•added 2025/09/02 12:0 a.m.•2 views

Copeland E3 Supervisory Control Security Vulnerability

Copeland E3 Supervisory Control is an industrial equipment control system from Copeland, USA. A security vulnerability exists in Copeland E3 Supervisory Control versions prior to 2.31F01, which stems from an unsigned firmware upgrade package that could lead to the installation of malicious firmwa...

CVSS 8.6 • AI score 6.6 • EPSS 0.00209
Exploits: 0 • References: 2
Positive Technologies
•added 2025/09/02 12:0 a.m.•6 views

PT-2025-35559

Name of the Vulnerable Software and Affected Versions: E3 Site Supervisor Control versions prior to 2.31F01 Description: E3 Site Supervisor Control firmware upgrade packages are unsigned, allowing attackers to forge malicious packages. An attacker with administrative access to the application...

CVSS 8.6 • AI score 6.3 • EPSS 0.00209
Exploits: 0 • References: 4
Tenable Nessus
•added 2025/09/02 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2014-0022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows...

CVSS 5 • AI score 5.6 • EPSS 0.0241
Exploits: 0 • References: 2
Tenable Nessus
•added 2025/08/27 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2022-43602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput...

CVSS 8.1 • AI score 8.8 • EPSS 0.01922
Exploits: 1 • References: 2
Tenable Nessus
•added 2025/08/27 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2022-32546

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untruste...

CVSS 7.8 • AI score 6.7 • EPSS 0.01339
Exploits: 0 • References: 2
Tenable Nessus
•added 2025/08/26 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2024-31031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in coap_pdu.c in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leading to unsigned integer overflow...

CVSS 7.5 • AI score 6 • EPSS 0.00866
Exploits: 1 • References: 3
Tenable Nessus
•added 2025/08/25 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2017-9269

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libzypp before August 2018 GPG keys attached to YUM repositories were not correctly pinned, allowing malicious repository mirrors to silently downgrade to...

CVSS 9.8 • AI score 7.8 • EPSS 0.0229
Exploits: 0 • References: 2
Tenable Nessus
•added 2025/08/24 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2017-7435

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libzypp before 20170803 it was possible to add unsigned YUM repositories without warning to the user that could lead to man in the middle or malicious server...

CVSS 9.3 • AI score 8 • EPSS 0.01843
Exploits: 0 • References: 2
Tenable Nessus
•added 2025/08/24 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2017-7436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libzypp before 20170803 it was possible to retrieve unsigned packages without a warning to the user which could lead to man in the middle or malicious server...

CVSS 9.3 • AI score 8 • EPSS 0.01843
Exploits: 0 • References: 2
OSV
•added 2025/08/22 4:0 p.m.•2 views

CVE-2025-38651 landlock: Fix warning from KUnit tests

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests get_id_range expects a positive value as first argument but get_random_u8 can return 0. Fix this by clamping it. Validated by running the test in a for loop for 1000 times. Note that MAX is wron...

CVSS 5.5 • AI score 6.3 • EPSS 0.00143
Exploits: 0 • References: 6
Tenable Nessus
•added 2025/08/22 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-45512

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot U-Boot v1.1.3 allows attackers to install crafted firmware files,...

CVSS 6.5 • AI score 5.9 • EPSS 0.00301
Exploits: 1 • References: 3
Cvelist
•added 2025/08/21 7:11 a.m.•6 views

CVE-2025-36530 Import Path Traversal Enables Unauthorized Unsigned Plugin Installation

Mattermost versions 10.9.x <= 10.9.1, 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin...

CVSS 6.8 • EPSS 0.00461
Exploits: 0 • References: 1
Vulnrichment
•added 2025/08/21 7:11 a.m.•4 views

CVE-2025-36530 Import Path Traversal Enables Unauthorized Unsigned Plugin Installation

Mattermost versions 10.9.x <= 10.9.1, 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin...

CVSS 6.8 • AI score 7 • EPSS 0.00461
Exploits: 0 • References: 1
Tenable Nessus
•added 2025/08/19 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2023-7008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature...

CVSS 5.9 • AI score 6.6 • EPSS 0.00849
Exploits: 0 • References: 2
Tenable Nessus
•added 2025/08/18 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2022-43598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially craft...

CVSS 8.1 • AI score 8.5 • EPSS 0.01808
Exploits: 1 • References: 2
Tenable Nessus
•added 2025/08/15 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2024-42105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix inode number range checks Patch series nilfs2: fix potential issues related to reserved inodes. This series fixes one use-after-free issue reported ...

CVSS 7.8 • AI score 6.7 • EPSS 0.0026
Exploits: 0 • References: 2
Tenable Nessus
•added 2025/08/15 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-22091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix pagesize variable overflow Change all variables storing mlx5umemmkcfindbestpg...

CVSS 5.5 • AI score 6.4 • EPSS 0.00165
Exploits: 0 • References: 3
RedhatCVE
•added 2025/08/14 5:26 a.m.•13 views

CVE-2025-30027

An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...

CVSS 6.7 • AI score 7.9 • EPSS 0.00148
Exploits: 0 • References: 1
RedhatCVE
•added 2025/08/14 5:26 a.m.•11 views

CVE-2025-3892

ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a maliciou...

CVSS 6.7 • AI score 7.2 • EPSS 0.00136
Exploits: 0 • References: 1
OSV
•added 2025/08/12 6:15 a.m.•3 views

CVE-2025-3892

ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a maliciou...

CVSS 6.7 • AI score 5.8 • EPSS 0.00136
Exploits: 0 • References: 1